Back to search
CVE-2021-20179
Published: Mar 15, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
A flaw was found in pki-core. An attacker who has successfully compromised a key could use this flaw to renew the corresponding certificate over and over again, as long as it is not explicitly revoked. The highest threat from this vulnerability is to data confidentiality and integrity.
| Vendor | Product | Versions |
|---|---|---|
n/a | pki-core | affected pki-core 10.5, pki-core 10.8, pki-core 10.9, pki-core 10.10, pki-core 10.11 |
Weaknesses (CWE)
References
https://bugzilla.redhat.com/show_bug.cgi?id=1914379
x_refsource_MISC
https://github.com/dogtagpki/pki/pull/3478
x_refsource_MISC
https://github.com/dogtagpki/pki/pull/3477
x_refsource_MISC
https://github.com/dogtagpki/pki/pull/3476
x_refsource_MISC
https://github.com/dogtagpki/pki/pull/3475
x_refsource_MISC
https://github.com/dogtagpki/pki/pull/3474
x_refsource_MISC
FEDORA-2021-c0d6637ca5
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-344dd24c84
vendor-advisory
x_refsource_FEDORA
FEDORA-2021-6c412a4601
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now